General
-
Target
VRLuMTic.exe
-
Size
45KB
-
Sample
210505-devaddzbfa
-
MD5
8d039cde4fb365b31d84aab6db00f230
-
SHA1
e935a05d2c04c952929760b283a6c76a233c6b3a
-
SHA256
a844cc35141ecd43e40f86de60070e578cb89278877938ad409506bed45696cd
-
SHA512
a1b05e103b14999e6fd67536136beb0554161e86a0572e62acd845766ae472a570729dece993f5ef7eb0a9acfb3a8756dc4106c9af8dfa384e60352ade3cece1
Behavioral task
behavioral1
Sample
VRLuMTic.exe
Resource
win7v20210410
Malware Config
Extracted
asyncrat
0.5.7B
ramsteincor.duckdns.org:6606
ramsteincor.duckdns.org:7707
ramsteincor.duckdns.org:222
AsyncMutex_6SI8OkPnk
-
aes_key
q1yHunBNWC96a4KM2Xxtaww4U0SdhpEG
-
anti_detection
false
-
autorun
false
-
bdos
false
-
delay
Default
-
host
ramsteincor.duckdns.org
-
hwid
3
-
install_file
-
install_folder
%AppData%
-
mutex
AsyncMutex_6SI8OkPnk
-
pastebin_config
null
-
port
6606,7707,222
-
version
0.5.7B
Targets
-
-
Target
VRLuMTic.exe
-
Size
45KB
-
MD5
8d039cde4fb365b31d84aab6db00f230
-
SHA1
e935a05d2c04c952929760b283a6c76a233c6b3a
-
SHA256
a844cc35141ecd43e40f86de60070e578cb89278877938ad409506bed45696cd
-
SHA512
a1b05e103b14999e6fd67536136beb0554161e86a0572e62acd845766ae472a570729dece993f5ef7eb0a9acfb3a8756dc4106c9af8dfa384e60352ade3cece1
-